package com.redsea.rsadmin.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.redsea.rsadmin.service.SysAuthorizeService;
import com.redsea.rsadmin.service.SysUserService;

public class CustomRealm extends AuthorizingRealm {

	@Autowired
	private SysUserService userService;

	@Autowired
	private SysAuthorizeService permissionService;

	/**
	 * 认证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		// 获取用户名
		String userName = (String) token.getPrincipal();
//		// 通过用户名获取用户对象
//		
//		SysUser user = this.userService.selectOne(userName);
//
//		if (user == null) {
//			return null;
//		}
//
//		// 通过 userId 获取该用户拥有的所有权限，返回值根据自己要求设置，并非固定值。
//		List<Permission> permissionList = this.permissionService.getPermissionByUserId(user.getUserId());
//
//		// （目录+菜单+按钮）
//		user.setPermissionList(permissionList);

//		SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user,user.getUserPwd(),this.getName());

		return null;
	}

	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//		User user = (User) principals.getPrimaryPrincipal();
//
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//
//        // （目录+菜单+按钮）
//        List<Permission> permissionList = user.getPermissionList();
//
//        for (Permission permission : permissionList) {
//        	if (StringUtil.isNotEmpty(permission.getCode())) {
//        		info.addStringPermission(permission.getCode());
//        	}
//        }

		return info;
	}

}
